MDKSA-2003:003

Problem description

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP
client daemon. dhcpcd has the ability to execute an external script
named dhcpcd-.exe when an IP address is assigned to that
network interface. The script sources the file
/var/lib/dhcpcd/dhcpcd-.info which contains shell variables
and DHCP assignment information. The way quotes are handled inside
these assignments is flawed, and a malicious DHCP server can execute
arbitrary shell commands on the vulnerable DHCP client system. This
can also be exploited by an attacker able to spoof DHCP responses.
Mandrake Linux packages contain a sample /etc/dhcpc/dhcpcd.exe file
and encourages all users to upgrade immediately. Please note that
when you do upgrade, you will have to restart the network for the
changes to take proper effect by issuing "service network restart"
as root.